@zenstackhq/runtime 0.3.10 → 0.3.12

package/lib/handler/data/policy-utils.js

@@ -0,0 +1,477 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.preprocessWritePayload = exports.injectTransactionId = exports.checkPolicyForIds = exports.preUpdateCheck = exports.readWithCheck = exports.queryIds = exports.ensureArray = exports.or = exports.and = void 0;
+/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
+/* eslint-disable @typescript-eslint/no-explicit-any */
+const bcryptjs_1 = require("bcryptjs");
+const deepcopy_1 = __importDefault(require("deepcopy"));
+const constants_1 = require("../../constants");
+const types_1 = require("../../types");
+const types_2 = require("../types");
+const nested_write_vistor_1 = require("./nested-write-vistor");
+//#region General helpers
+/**
+ * Creates a conjunction of a list of query conditions.
+ */
+function and(...conditions) {
+    const filtered = conditions.filter((c) => !!c);
+    if (filtered.length === 0) {
+        return undefined;
+    }
+    else if (filtered.length === 1) {
+        return filtered[0];
+    }
+    else {
+        return { AND: filtered };
+    }
+}
+exports.and = and;
+/**
+ * Creates a disjunction of a list of query conditions.
+ */
+function or(...conditions) {
+    const filtered = conditions.filter((c) => !!c);
+    if (filtered.length === 0) {
+        return undefined;
+    }
+    else if (filtered.length === 1) {
+        return filtered[0];
+    }
+    else {
+        return { OR: filtered };
+    }
+}
+exports.or = or;
+/**
+ * Wraps a value into array if it's not already one
+ */
+function ensureArray(value) {
+    return Array.isArray(value) ? value : [value];
+}
+exports.ensureArray = ensureArray;
+/**
+ * Given a where condition, queries db and returns IDs of result entities
+ */
+function queryIds(model, db, where) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const r = yield db[model].findMany({ select: { id: true }, where });
+        return r.map((item) => item.id);
+    });
+}
+exports.queryIds = queryIds;
+//#endregion
+//#region Policy enforcement helpers
+/**
+ * Read model entities w.r.t the given query args. The result list
+ * are guaranteed to fully satisfy 'read' policy rules recursively.
+ *
+ * For to-many relations involved, items not satisfying policy are
+ * silently trimmed. For to-one relation, if relation data fails policy
+ * an RequestHandlerError is thrown.
+ *
+ * @param model the model to query for
+ * @param queryArgs the Prisma query args
+ * @param service the ZenStack service
+ * @param context the query context
+ * @param db the db (or transaction)
+ * @returns
+ */
+function readWithCheck(model, queryArgs, service, context, db) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const args = (0, deepcopy_1.default)(queryArgs);
+        args.where = and(args.where, yield service.buildQueryGuard(model, 'read', context));
+        // recursively inject read guard conditions into the query args
+        yield injectNestedReadConditions(model, args, service, context);
+        service.verbose(`Reading with validation for ${model}: ${JSON.stringify(args)}`);
+        const result = yield db[model].findMany(args);
+        yield Promise.all(result.map((item) => postProcessForRead(item, model, args, service, context, db, 'read')));
+        return result;
+    });
+}
+exports.readWithCheck = readWithCheck;
+function injectNestedReadConditions(model, args, service, context) {
+    var _a, _b, _c, _d;
+    return __awaiter(this, void 0, void 0, function* () {
+        const injectTarget = (_a = args.select) !== null && _a !== void 0 ? _a : args.include;
+        if (!injectTarget) {
+            return;
+        }
+        for (const field of Object.keys(injectTarget)) {
+            const fieldInfo = yield service.resolveField(model, field);
+            if (!fieldInfo || !fieldInfo.isDataModel) {
+                // only care about relation fields
+                continue;
+            }
+            if (fieldInfo.isArray) {
+                if (typeof injectTarget[field] !== 'object') {
+                    injectTarget[field] = {};
+                }
+                // inject extra condition for to-many relation
+                injectTarget[field].where = and(injectTarget.where, yield service.buildQueryGuard(fieldInfo.type, 'read', context));
+            }
+            else {
+                // there's no way of injecting condition for to-one relation, so we
+                // make sure 'id' field is selected and check them against query result
+                if (((_b = injectTarget[field]) === null || _b === void 0 ? void 0 : _b.select) &&
+                    ((_d = (_c = injectTarget[field]) === null || _c === void 0 ? void 0 : _c.select) === null || _d === void 0 ? void 0 : _d.id) !== true) {
+                    injectTarget[field].select.id = true;
+                }
+            }
+            // recurse
+            yield injectNestedReadConditions(fieldInfo.type, injectTarget[field], service, context);
+        }
+    });
+}
+/**
+ * Post processing checks for read model entities.
+ * Validates to-one relations (which can't be trimmed
+ * at query time) and removes fields that should be
+ * omitted.
+ */
+function postProcessForRead(entityData, model, args, service, context, db, operation) {
+    var _a, _b;
+    return __awaiter(this, void 0, void 0, function* () {
+        if (!(entityData === null || entityData === void 0 ? void 0 : entityData.id)) {
+            return;
+        }
+        for (const field of Object.keys(entityData)) {
+            if (yield shouldOmit(service, model, field)) {
+                delete entityData[field];
+            }
+            const fieldValue = entityData[field];
+            if (typeof fieldValue === 'bigint') {
+                // serialize BigInt with typing info
+                entityData[field] = {
+                    type: 'BigInt',
+                    data: fieldValue.toString(),
+                };
+            }
+            if (fieldValue instanceof Date) {
+                // serialize Date with typing info
+                entityData[field] = {
+                    type: 'Date',
+                    data: fieldValue.toISOString(),
+                };
+            }
+            if (typeof fieldValue === 'object') {
+                const fieldInfo = yield service.resolveField(model, field);
+                if ((fieldInfo === null || fieldInfo === void 0 ? void 0 : fieldInfo.type) === 'Decimal') {
+                    // serialize Decimal with typing info
+                    entityData[field] = {
+                        type: 'Decimal',
+                        data: fieldValue.toString(),
+                    };
+                }
+                else if ((fieldInfo === null || fieldInfo === void 0 ? void 0 : fieldInfo.type) === 'Bytes') {
+                    entityData[field] = {
+                        type: 'Bytes',
+                        data: Array.from(fieldValue),
+                    };
+                }
+            }
+        }
+        const injectTarget = (_a = args.select) !== null && _a !== void 0 ? _a : args.include;
+        if (!injectTarget) {
+            return;
+        }
+        // to-one relation data cannot be trimmed by injected guards, we have to
+        // post-check them
+        for (const field of Object.keys(injectTarget)) {
+            const fieldInfo = yield service.resolveField(model, field);
+            if (!fieldInfo ||
+                !fieldInfo.isDataModel ||
+                fieldInfo.isArray ||
+                !((_b = entityData === null || entityData === void 0 ? void 0 : entityData[field]) === null || _b === void 0 ? void 0 : _b.id)) {
+                continue;
+            }
+            service.verbose(`Validating read of to-one relation: ${fieldInfo.type}#${entityData[field].id}`);
+            yield checkPolicyForIds(fieldInfo.type, [entityData[field].id], operation, service, context, db);
+            // recurse
+            yield postProcessForRead(entityData[field], fieldInfo.type, injectTarget[field], service, context, db, operation);
+        }
+    });
+}
+/**
+ * Validates that a model entity satisfies 'update' policy rules
+ * before conducting an update
+ *
+ * @param model model under update
+ * @param id id of entity under update
+ * @param updateArgs Prisma update args
+ * @param service the ZenStack service
+ * @param context the query context
+ * @param transaction the db transaction context
+ */
+function preUpdateCheck(model, id, updateArgs, service, context, transaction) {
+    return __awaiter(this, void 0, void 0, function* () {
+        // check the entity directly under update first
+        yield checkPolicyForIds(model, [id], 'update', service, context, transaction);
+        // We need to ensure that all nested updates respect policy rules of
+        // the corresponding model.
+        //
+        // Here we use a visitor to collect all necessary
+        // checkes. During visiting, for every update we meet agains a relation,
+        // we collect its path (starting from the root object). If the relation
+        // is a to-many one, it can carry filter condition that we collect as well.
+        //
+        // After the visiting, we validate that each collected path satisfies
+        // corresponding policy rules by making separate queries.
+        const visitor = new nested_write_vistor_1.NestedWriteVisitor(service);
+        const state = [];
+        const checks = [];
+        const visitAction = (fieldInfo, action, fieldData, _parentData, state) => __awaiter(this, void 0, void 0, function* () {
+            if (!fieldInfo.isDataModel) {
+                return state;
+            }
+            if (![
+                'update',
+                'updateMany',
+                'upsert',
+                'delete',
+                'deleteMany',
+            ].includes(action)) {
+                // no more nested writes inside, stop recursion
+                return undefined;
+            }
+            // for to-many relation, a filter condition can be attached
+            let condition = undefined;
+            if (fieldInfo.isArray) {
+                switch (action) {
+                    case 'update':
+                    case 'updateMany':
+                    case 'upsert':
+                        // condition is wrapped in 'where'
+                        condition = or(...ensureArray(fieldData).map((d) => d.where));
+                        break;
+                    case 'delete':
+                    case 'deleteMany':
+                        // condition is not wrapped
+                        condition = or(...ensureArray(fieldData));
+                        break;
+                }
+            }
+            // build up a new segment of path
+            const selectionPath = [
+                ...state,
+                { field: fieldInfo, where: condition },
+            ];
+            const operation = [
+                'update',
+                'updateMany',
+                'upsert',
+            ].includes(action)
+                ? 'update'
+                : 'delete';
+            // collect an asynchronous check action
+            checks.push(checkPolicyForSelectionPath(model, id, selectionPath, operation, transaction, service, context));
+            // recurse down with the current path as the new state
+            return selectionPath;
+        });
+        yield visitor.visit(model, updateArgs.data, undefined, state, visitAction);
+        yield Promise.all(checks);
+    });
+}
+exports.preUpdateCheck = preUpdateCheck;
+/**
+ * Given a list of ids for a model, check if they all match policy rules, and if not,
+ * throw a RequestHandlerError.
+ *
+ * @param model the model
+ * @param ids the entity ids
+ * @param operation the operation to check for
+ * @param service the ZenStack service
+ * @param context the query context
+ * @param db the db or transaction
+ */
+function checkPolicyForIds(model, ids, operation, service, context, db) {
+    return __awaiter(this, void 0, void 0, function* () {
+        service.verbose(`Checking policy for ${model}#[${ids.join(', ')}] for ${operation}`);
+        // build a query condition with policy injected
+        const idCondition = ids.length > 1 ? { id: { in: ids } } : { id: ids[0] };
+        const query = {
+            where: and(idCondition, yield service.buildQueryGuard(model, operation, context)),
+            select: { id: true },
+        };
+        // query with policy injected
+        const filteredResult = (yield db[model].findMany(query));
+        // see if we get fewer items with policy, if so, reject with an throw
+        const filteredIds = filteredResult.map((item) => item.id);
+        if (filteredIds.length < ids.length) {
+            const gap = ids.filter((id) => !filteredIds.includes(id));
+            throw new types_2.RequestHandlerError(types_1.ServerErrorCode.DENIED_BY_POLICY, `denied by policy: entities failed '${operation}' check, ${model}#[${gap.join(', ')}]`);
+        }
+    });
+}
+exports.checkPolicyForIds = checkPolicyForIds;
+/**
+ * Given a selection path, check if the entities at the end of path satisfy
+ * policy rules. If not, throw an error.
+ */
+function checkPolicyForSelectionPath(model, id, selectionPath, operation, db, service, context) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const targetField = selectionPath[selectionPath.length - 1].field;
+        // build a Prisma query for the path
+        const query = buildChainedSelectQuery(id, selectionPath);
+        service.verbose(`Query for selection path: model ${model}, path ${JSON.stringify(selectionPath)}, query ${JSON.stringify(query)}`);
+        const r = yield db[model].findUnique(query);
+        // collect ids at the end of the path
+        const ids = collectTerminalEntityIds(selectionPath, r);
+        service.verbose(`Collected leaf ids: ${JSON.stringify(ids)}`);
+        if (ids.length === 0) {
+            return;
+        }
+        // check policies for the collected ids
+        yield checkPolicyForIds(targetField.type, ids, operation, service, context, db);
+    });
+}
+/**
+ * Builds a Prisma query for the given selection path
+ */
+function buildChainedSelectQuery(id, selectionPath) {
+    const query = { where: { id }, select: { id: true } };
+    let currSelect = query.select;
+    for (const path of selectionPath) {
+        const nextSelect = { select: { id: true } };
+        currSelect[path.field.name] = nextSelect;
+        if (path.where) {
+            currSelect[path.field.name].where = path.where;
+        }
+        currSelect = nextSelect.select;
+    }
+    return query;
+}
+function collectTerminalEntityIds(selectionPath, data) {
+    let curr = data;
+    for (const path of selectionPath) {
+        curr = curr[path.field.name];
+    }
+    if (!curr) {
+        throw new types_2.RequestHandlerError(types_1.ServerErrorCode.UNKNOWN, 'an unexpected error occurred');
+    }
+    return Array.isArray(curr)
+        ? curr.map((item) => item.id)
+        : [curr.id];
+}
+/**
+ * Injects assignment of zenstack_transaction field for all nested
+ * update/create in a Prisma update args recursively.
+ *
+ * @return a tuple containing all model types that are involved in
+ * creation or updating, respectively
+ */
+function injectTransactionId(model, args, operation, transactionId, service) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const updatedModels = new Set();
+        const createdModels = new Set();
+        if (args.data) {
+            args.data[constants_1.TRANSACTION_FIELD_NAME] = `${transactionId}:${operation}`;
+            updatedModels.add(model);
+        }
+        const visitAction = (fieldInfo, action, fieldData) => __awaiter(this, void 0, void 0, function* () {
+            if (fieldInfo.isDataModel && fieldData) {
+                switch (action) {
+                    case 'update':
+                    case 'updateMany':
+                        ensureArray(fieldData).forEach((item) => {
+                            if (fieldInfo.isArray && item.data) {
+                                item.data[constants_1.TRANSACTION_FIELD_NAME] = `${transactionId}:update`;
+                            }
+                            else {
+                                item[constants_1.TRANSACTION_FIELD_NAME] = `${transactionId}:update`;
+                            }
+                            updatedModels.add(fieldInfo.type);
+                        });
+                        break;
+                    case 'upsert':
+                        ensureArray(fieldData).forEach((item) => {
+                            item.create[constants_1.TRANSACTION_FIELD_NAME] = `${transactionId}:create`;
+                            createdModels.add(fieldInfo.type);
+                            item.update[constants_1.TRANSACTION_FIELD_NAME] = `${transactionId}:update`;
+                            updatedModels.add(fieldInfo.type);
+                        });
+                        break;
+                    case 'create':
+                    case 'createMany':
+                        ensureArray(fieldData).forEach((item) => {
+                            item[constants_1.TRANSACTION_FIELD_NAME] = `${transactionId}:create`;
+                            createdModels.add(fieldInfo.type);
+                        });
+                        break;
+                    case 'connectOrCreate':
+                        ensureArray(fieldData).forEach((item) => {
+                            item.create[constants_1.TRANSACTION_FIELD_NAME] = `${transactionId}:create`;
+                            createdModels.add(fieldInfo.type);
+                        });
+                        break;
+                }
+            }
+            return true;
+        });
+        const visitor = new nested_write_vistor_1.NestedWriteVisitor(service);
+        yield visitor.visit(model, args.data, undefined, undefined, visitAction);
+        return {
+            createdModels: Array.from(createdModels),
+            updatedModels: Array.from(updatedModels),
+        };
+    });
+}
+exports.injectTransactionId = injectTransactionId;
+/**
+ * Preprocesses the given write args to modify field values (in place) based on
+ * attributes like @password
+ */
+function preprocessWritePayload(model, args, service) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const visitAction = (fieldInfo, _action, fieldData, parentData) => __awaiter(this, void 0, void 0, function* () {
+            var _a, _b, _c;
+            // process @password field
+            const pwdAttr = (_a = fieldInfo.attributes) === null || _a === void 0 ? void 0 : _a.find((attr) => attr.name === '@password');
+            if (pwdAttr && fieldInfo.type === 'String') {
+                // hash password value
+                let salt = (_b = pwdAttr.args.find((arg) => arg.name === 'salt')) === null || _b === void 0 ? void 0 : _b.value;
+                if (!salt) {
+                    salt = (_c = pwdAttr.args.find((arg) => arg.name === 'saltLength')) === null || _c === void 0 ? void 0 : _c.value;
+                }
+                if (!salt) {
+                    salt = constants_1.DEFAULT_PASSWORD_SALT_LENGTH;
+                }
+                parentData[fieldInfo.name] = (0, bcryptjs_1.hashSync)(fieldData, salt);
+            }
+            // deserialize Buffer field
+            if (fieldInfo.type === 'Bytes' && Array.isArray(fieldData.data)) {
+                parentData[fieldInfo.name] = Buffer.from(fieldData.data);
+            }
+            // deserialize BigInt field
+            if (fieldInfo.type === 'BigInt' && typeof fieldData === 'string') {
+                parentData[fieldInfo.name] = BigInt(fieldData);
+            }
+            return true;
+        });
+        const visitor = new nested_write_vistor_1.NestedWriteVisitor(service);
+        yield visitor.visit(model, args.data, undefined, undefined, visitAction);
+    });
+}
+exports.preprocessWritePayload = preprocessWritePayload;
+function shouldOmit(service, model, field) {
+    return __awaiter(this, void 0, void 0, function* () {
+        if ([constants_1.TRANSACTION_FIELD_NAME, constants_1.GUARD_FIELD_NAME].includes(field)) {
+            return true;
+        }
+        const fieldInfo = yield service.resolveField(model, field);
+        return !!(fieldInfo && fieldInfo.attributes.find((attr) => attr.name === '@omit'));
+    });
+}
+//#endregion
+//# sourceMappingURL=policy-utils.js.map

package/lib/handler/data/policy-utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-utils.js","sourceRoot":"","sources":["../../../../src/handler/data/policy-utils.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,sEAAsE;AACtE,uDAAuD;AACvD,uCAAoC;AACpC,wDAAgC;AAChC,+CAIyB;AACzB,uCAOqB;AACrB,oCAAsE;AACtE,+DAA2D;AAE3D,yBAAyB;AAEzB;;GAEG;AACH,SAAgB,GAAG,CAAC,GAAG,UAAqB;IACxC,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QACvB,OAAO,SAAS,CAAC;KACpB;SAAM,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QAC9B,OAAO,QAAQ,CAAC,CAAC,CAAC,CAAC;KACtB;SAAM;QACH,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC;KAC5B;AACL,CAAC;AATD,kBASC;AAED;;GAEG;AACH,SAAgB,EAAE,CAAC,GAAG,UAAqB;IACvC,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QACvB,OAAO,SAAS,CAAC;KACpB;SAAM,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QAC9B,OAAO,QAAQ,CAAC,CAAC,CAAC,CAAC;KACtB;SAAM;QACH,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC;KAC3B;AACL,CAAC;AATD,gBASC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAI,KAAQ;IACnC,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;AAClD,CAAC;AAFD,kCAEC;AAED;;GAEG;AACH,SAAsB,QAAQ,CAC1B,KAAa,EACb,EAAgC,EAChC,KAAc;;QAEd,MAAM,CAAC,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QACpE,OAAQ,CAAsB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC1D,CAAC;CAAA;AAPD,4BAOC;AAED,YAAY;AAEZ,oCAAoC;AAEpC;;;;;;;;;;;;;;GAcG;AACH,SAAsB,aAAa,CAC/B,KAAa,EACb,SAAc,EACd,OAAgB,EAChB,OAAqB,EACrB,EAAgC;;QAEhC,MAAM,IAAI,GAAG,IAAA,kBAAQ,EAAC,SAAS,CAAC,CAAC;QACjC,IAAI,CAAC,KAAK,GAAG,GAAG,CACZ,IAAI,CAAC,KAAK,EACV,MAAM,OAAO,CAAC,eAAe,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,CACxD,CAAC;QAEF,+DAA+D;QAC/D,MAAM,0BAA0B,CAAC,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAEhE,OAAO,CAAC,OAAO,CACX,+BAA+B,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAClE,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAE9C,MAAM,OAAO,CAAC,GAAG,CACb,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAChB,kBAAkB,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,MAAM,CAAC,CACtE,CACJ,CAAC;QAEF,OAAO,MAAM,CAAC;IAClB,CAAC;CAAA;AA5BD,sCA4BC;AAED,SAAe,0BAA0B,CACrC,KAAa,EACb,IAAS,EACT,OAAgB,EAChB,OAAqB;;;QAErB,MAAM,YAAY,GAAG,MAAA,IAAI,CAAC,MAAM,mCAAI,IAAI,CAAC,OAAO,CAAC;QACjD,IAAI,CAAC,YAAY,EAAE;YACf,OAAO;SACV;QAED,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE;YAC3C,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;YAC3D,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;gBACtC,kCAAkC;gBAClC,SAAS;aACZ;YAED,IAAI,SAAS,CAAC,OAAO,EAAE;gBACnB,IAAI,OAAO,YAAY,CAAC,KAAK,CAAC,KAAK,QAAQ,EAAE;oBACzC,YAAY,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;iBAC5B;gBACD,8CAA8C;gBAC9C,YAAY,CAAC,KAAK,CAAC,CAAC,KAAK,GAAG,GAAG,CAC3B,YAAY,CAAC,KAAK,EAClB,MAAM,OAAO,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CACjE,CAAC;aACL;iBAAM;gBACH,mEAAmE;gBACnE,uEAAuE;gBACvE,IACI,CAAA,MAAA,YAAY,CAAC,KAAK,CAAC,0CAAE,MAAM;oBAC3B,CAAA,MAAA,MAAA,YAAY,CAAC,KAAK,CAAC,0CAAE,MAAM,0CAAE,EAAE,MAAK,IAAI,EAC1C;oBACE,YAAY,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,CAAC;iBACxC;aACJ;YAED,UAAU;YACV,MAAM,0BAA0B,CAC5B,SAAS,CAAC,IAAI,EACd,YAAY,CAAC,KAAK,CAAC,EACnB,OAAO,EACP,OAAO,CACV,CAAC;SACL;;CACJ;AAED;;;;;GAKG;AACH,SAAe,kBAAkB,CAC7B,UAAe,EACf,KAAa,EACb,IAAS,EACT,OAAgB,EAChB,OAAqB,EACrB,EAAgC,EAChC,SAA8B;;;QAE9B,IAAI,CAAC,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,EAAE,CAAA,EAAE;YACjB,OAAO;SACV;QAED,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE;YACzC,IAAI,MAAM,UAAU,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE;gBACzC,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC;aAC5B;YAED,MAAM,UAAU,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;YAErC,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE;gBAChC,oCAAoC;gBACpC,UAAU,CAAC,KAAK,CAAC,GAAG;oBAChB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,UAAU,CAAC,QAAQ,EAAE;iBAC9B,CAAC;aACL;YAED,IAAI,UAAU,YAAY,IAAI,EAAE;gBAC5B,kCAAkC;gBAClC,UAAU,CAAC,KAAK,CAAC,GAAG;oBAChB,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,UAAU,CAAC,WAAW,EAAE;iBACjC,CAAC;aACL;YAED,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE;gBAChC,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;gBAC3D,IAAI,CAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,IAAI,MAAK,SAAS,EAAE;oBAC/B,qCAAqC;oBACrC,UAAU,CAAC,KAAK,CAAC,GAAG;wBAChB,IAAI,EAAE,SAAS;wBACf,IAAI,EAAE,UAAU,CAAC,QAAQ,EAAE;qBAC9B,CAAC;iBACL;qBAAM,IAAI,CAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,IAAI,MAAK,OAAO,EAAE;oBACpC,UAAU,CAAC,KAAK,CAAC,GAAG;wBAChB,IAAI,EAAE,OAAO;wBACb,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,UAAoB,CAAC;qBACzC,CAAC;iBACL;aACJ;SACJ;QAED,MAAM,YAAY,GAAG,MAAA,IAAI,CAAC,MAAM,mCAAI,IAAI,CAAC,OAAO,CAAC;QACjD,IAAI,CAAC,YAAY,EAAE;YACf,OAAO;SACV;QAED,wEAAwE;QACxE,kBAAkB;QAClB,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE;YAC3C,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;YAC3D,IACI,CAAC,SAAS;gBACV,CAAC,SAAS,CAAC,WAAW;gBACtB,SAAS,CAAC,OAAO;gBACjB,CAAC,CAAA,MAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAG,KAAK,CAAC,0CAAE,EAAE,CAAA,EAC1B;gBACE,SAAS;aACZ;YAED,OAAO,CAAC,OAAO,CACX,uCAAuC,SAAS,CAAC,IAAI,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAClF,CAAC;YAEF,MAAM,iBAAiB,CACnB,SAAS,CAAC,IAAI,EACd,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EACtB,SAAS,EACT,OAAO,EACP,OAAO,EACP,EAAE,CACL,CAAC;YAEF,UAAU;YACV,MAAM,kBAAkB,CACpB,UAAU,CAAC,KAAK,CAAC,EACjB,SAAS,CAAC,IAAI,EACd,YAAY,CAAC,KAAK,CAAC,EACnB,OAAO,EACP,OAAO,EACP,EAAE,EACF,SAAS,CACZ,CAAC;SACL;;CACJ;AAID;;;;;;;;;;GAUG;AACH,SAAsB,cAAc,CAChC,KAAa,EACb,EAAU,EACV,UAAe,EACf,OAAgB,EAChB,OAAqB,EACrB,WAAyC;;QAEzC,+CAA+C;QAC/C,MAAM,iBAAiB,CACnB,KAAK,EACL,CAAC,EAAE,CAAC,EACJ,QAAQ,EACR,OAAO,EACP,OAAO,EACP,WAAW,CACd,CAAC;QAEF,oEAAoE;QACpE,2BAA2B;QAC3B,EAAE;QACF,iDAAiD;QACjD,wEAAwE;QACxE,uEAAuE;QACvE,2EAA2E;QAC3E,EAAE;QACF,qEAAqE;QACrE,yDAAyD;QAEzD,MAAM,OAAO,GAAG,IAAI,wCAAkB,CAAgB,OAAO,CAAC,CAAC;QAC/D,MAAM,KAAK,GAAkB,EAAE,CAAC;QAChC,MAAM,MAAM,GAAyB,EAAE,CAAC;QAExC,MAAM,WAAW,GAAG,CAChB,SAAoB,EACpB,MAA6B,EAC7B,SAAc,EACd,WAAgB,EAChB,KAAoB,EACtB,EAAE;YACA,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;gBACxB,OAAO,KAAK,CAAC;aAChB;YAED,IACI,CAAC;gBACG,QAAQ;gBACR,YAAY;gBACZ,QAAQ;gBACR,QAAQ;gBACR,YAAY;aACf,CAAC,QAAQ,CAAC,MAAM,CAAC,EACpB;gBACE,+CAA+C;gBAC/C,OAAO,SAAS,CAAC;aACpB;YAED,2DAA2D;YAC3D,IAAI,SAAS,GAAQ,SAAS,CAAC;YAC/B,IAAI,SAAS,CAAC,OAAO,EAAE;gBACnB,QAAQ,MAAM,EAAE;oBACZ,KAAK,QAAQ,CAAC;oBACd,KAAK,YAAY,CAAC;oBAClB,KAAK,QAAQ;wBACT,kCAAkC;wBAClC,SAAS,GAAG,EAAE,CACV,GAAG,WAAW,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAChD,CAAC;wBACF,MAAM;oBACV,KAAK,QAAQ,CAAC;oBACd,KAAK,YAAY;wBACb,2BAA2B;wBAC3B,SAAS,GAAG,EAAE,CAAC,GAAG,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC;wBAC1C,MAAM;iBACb;aACJ;YAED,iCAAiC;YACjC,MAAM,aAAa,GAAG;gBAClB,GAAG,KAAK;gBACR,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE;aACzC,CAAC;YAEF,MAAM,SAAS,GAAwB;gBACnC,QAAQ;gBACR,YAAY;gBACZ,QAAQ;aACX,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACd,CAAC,CAAC,QAAQ;gBACV,CAAC,CAAC,QAAQ,CAAC;YAEf,uCAAuC;YACvC,MAAM,CAAC,IAAI,CACP,2BAA2B,CACvB,KAAK,EACL,EAAE,EACF,aAAa,EACb,SAAS,EACT,WAAW,EACX,OAAO,EACP,OAAO,CACV,CACJ,CAAC;YAEF,sDAAsD;YACtD,OAAO,aAAa,CAAC;QACzB,CAAC,CAAA,CAAC;QAEF,MAAM,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,UAAU,CAAC,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC;QAE3E,MAAM,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;CAAA;AA/GD,wCA+GC;AAED;;;;;;;;;;GAUG;AACH,SAAsB,iBAAiB,CACnC,KAAa,EACb,GAAa,EACb,SAA8B,EAC9B,OAAgB,EAChB,OAAqB,EACrB,EAAgC;;QAEhC,OAAO,CAAC,OAAO,CACX,uBAAuB,KAAK,KAAK,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,SAAS,EAAE,CACtE,CAAC;QAEF,+CAA+C;QAC/C,MAAM,WAAW,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,MAAM,KAAK,GAAG;YACV,KAAK,EAAE,GAAG,CACN,WAAW,EACX,MAAM,OAAO,CAAC,eAAe,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,CAAC,CAC3D;YACD,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE;SACvB,CAAC;QAEF,6BAA6B;QAC7B,MAAM,cAAc,GAAG,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAErD,CAAC;QAEH,qEAAqE;QACrE,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1D,IAAI,WAAW,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,EAAE;YACjC,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1D,MAAM,IAAI,2BAAmB,CACzB,uBAAe,CAAC,gBAAgB,EAChC,sCAAsC,SAAS,YAAY,KAAK,KAAK,GAAG,CAAC,IAAI,CACzE,IAAI,CACP,GAAG,CACP,CAAC;SACL;IACL,CAAC;CAAA;AAtCD,8CAsCC;AAED;;;GAGG;AACH,SAAe,2BAA2B,CACtC,KAAa,EACb,EAAU,EACV,aAA4B,EAC5B,SAA8B,EAC9B,EAAgC,EAChC,OAAgB,EAChB,OAAqB;;QAErB,MAAM,WAAW,GAAG,aAAa,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC;QAClE,oCAAoC;QACpC,MAAM,KAAK,GAAG,uBAAuB,CAAC,EAAE,EAAE,aAAa,CAAC,CAAC;QAEzD,OAAO,CAAC,OAAO,CACX,mCAAmC,KAAK,UAAU,IAAI,CAAC,SAAS,CAC5D,aAAa,CAChB,WAAW,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CACtC,CAAC;QACF,MAAM,CAAC,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAE5C,qCAAqC;QACrC,MAAM,GAAG,GAAa,wBAAwB,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;QACjE,OAAO,CAAC,OAAO,CAAC,uBAAuB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAE9D,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;YAClB,OAAO;SACV;QAED,uCAAuC;QACvC,MAAM,iBAAiB,CACnB,WAAW,CAAC,IAAI,EAChB,GAAG,EACH,SAAS,EACT,OAAO,EACP,OAAO,EACP,EAAE,CACL,CAAC;IACN,CAAC;CAAA;AAED;;GAEG;AACH,SAAS,uBAAuB,CAAC,EAAU,EAAE,aAA4B;IACrE,MAAM,KAAK,GAAG,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC;IACtD,IAAI,UAAU,GAAQ,KAAK,CAAC,MAAM,CAAC;IACnC,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE;QAC9B,MAAM,UAAU,GAAG,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC;QAC5C,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;QACzC,IAAI,IAAI,CAAC,KAAK,EAAE;YACZ,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;SAClD;QACD,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC;KAClC;IACD,OAAO,KAAK,CAAC;AACjB,CAAC;AAED,SAAS,wBAAwB,CAC7B,aAA4B,EAC5B,IAAS;IAET,IAAI,IAAI,GAAG,IAAI,CAAC;IAChB,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE;QAC9B,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;KAChC;IAED,IAAI,CAAC,IAAI,EAAE;QACP,MAAM,IAAI,2BAAmB,CACzB,uBAAe,CAAC,OAAO,EACvB,8BAA8B,CACjC,CAAC;KACL;IAED,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;QACtB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,EAAY,CAAC;QACvC,CAAC,CAAC,CAAC,IAAI,CAAC,EAAY,CAAC,CAAC;AAC9B,CAAC;AAED;;;;;;GAMG;AACH,SAAsB,mBAAmB,CACrC,KAAa,EACb,IAAS,EACT,SAA8B,EAC9B,aAAqB,EACrB,OAAgB;;QAEhB,MAAM,aAAa,GAAG,IAAI,GAAG,EAAU,CAAC;QACxC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAU,CAAC;QAExC,IAAI,IAAI,CAAC,IAAI,EAAE;YACX,IAAI,CAAC,IAAI,CAAC,kCAAsB,CAAC,GAAG,GAAG,aAAa,IAAI,SAAS,EAAE,CAAC;YACpE,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;SAC5B;QAED,MAAM,WAAW,GAAG,CAChB,SAAoB,EACpB,MAA6B,EAC7B,SAAc,EAChB,EAAE;YACA,IAAI,SAAS,CAAC,WAAW,IAAI,SAAS,EAAE;gBACpC,QAAQ,MAAM,EAAE;oBACZ,KAAK,QAAQ,CAAC;oBACd,KAAK,YAAY;wBACb,WAAW,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;4BACpC,IAAI,SAAS,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,EAAE;gCAChC,IAAI,CAAC,IAAI,CACL,kCAAsB,CACzB,GAAG,GAAG,aAAa,SAAS,CAAC;6BACjC;iCAAM;gCACH,IAAI,CACA,kCAAsB,CACzB,GAAG,GAAG,aAAa,SAAS,CAAC;6BACjC;4BACD,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;wBACtC,CAAC,CAAC,CAAC;wBACH,MAAM;oBAEV,KAAK,QAAQ;wBACT,WAAW,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;4BACpC,IAAI,CAAC,MAAM,CACP,kCAAsB,CACzB,GAAG,GAAG,aAAa,SAAS,CAAC;4BAC9B,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;4BAClC,IAAI,CAAC,MAAM,CACP,kCAAsB,CACzB,GAAG,GAAG,aAAa,SAAS,CAAC;4BAC9B,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;wBACtC,CAAC,CAAC,CAAC;wBACH,MAAM;oBAEV,KAAK,QAAQ,CAAC;oBACd,KAAK,YAAY;wBACb,WAAW,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;4BACpC,IAAI,CACA,kCAAsB,CACzB,GAAG,GAAG,aAAa,SAAS,CAAC;4BAC9B,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;wBACtC,CAAC,CAAC,CAAC;wBACH,MAAM;oBAEV,KAAK,iBAAiB;wBAClB,WAAW,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;4BACpC,IAAI,CAAC,MAAM,CACP,kCAAsB,CACzB,GAAG,GAAG,aAAa,SAAS,CAAC;4BAC9B,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;wBACtC,CAAC,CAAC,CAAC;wBACH,MAAM;iBACb;aACJ;YACD,OAAO,IAAI,CAAC;QAChB,CAAC,CAAA,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,wCAAkB,CAAC,OAAO,CAAC,CAAC;QAChD,MAAM,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;QAEzE,OAAO;YACH,aAAa,EAAE,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC;YACxC,aAAa,EAAE,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC;SAC3C,CAAC;IACN,CAAC;CAAA;AAjFD,kDAiFC;AAED;;;GAGG;AACH,SAAsB,sBAAsB,CACxC,KAAa,EACb,IAAS,EACT,OAAgB;;QAEhB,MAAM,WAAW,GAAG,CAChB,SAAoB,EACpB,OAA8B,EAC9B,SAAc,EACd,UAAe,EACjB,EAAE;;YACA,0BAA0B;YAC1B,MAAM,OAAO,GAAG,MAAA,SAAS,CAAC,UAAU,0CAAE,IAAI,CACtC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,WAAW,CACtC,CAAC;YACF,IAAI,OAAO,IAAI,SAAS,CAAC,IAAI,KAAK,QAAQ,EAAE;gBACxC,sBAAsB;gBACtB,IAAI,IAAI,GAAgC,MAAA,OAAO,CAAC,IAAI,CAAC,IAAI,CACrD,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,MAAM,CAC/B,0CAAE,KAAe,CAAC;gBACnB,IAAI,CAAC,IAAI,EAAE;oBACP,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,CAAC,0CACtD,KAAe,CAAC;iBACzB;gBACD,IAAI,CAAC,IAAI,EAAE;oBACP,IAAI,GAAG,wCAA4B,CAAC;iBACvC;gBACD,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,IAAA,mBAAQ,EAAC,SAAS,EAAE,IAAI,CAAC,CAAC;aAC1D;YAED,2BAA2B;YAC3B,IAAI,SAAS,CAAC,IAAI,KAAK,OAAO,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC7D,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;aAC5D;YAED,2BAA2B;YAC3B,IAAI,SAAS,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;gBAC9D,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;aAClD;YAED,OAAO,IAAI,CAAC;QAChB,CAAC,CAAA,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,wCAAkB,CAAC,OAAO,CAAC,CAAC;QAEhD,MAAM,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;IAC7E,CAAC;CAAA;AA9CD,wDA8CC;AAED,SAAe,UAAU,CAAC,OAAgB,EAAE,KAAa,EAAE,KAAa;;QACpE,IAAI,CAAC,kCAAsB,EAAE,4BAAgB,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;YAC5D,OAAO,IAAI,CAAC;SACf;QACD,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAC3D,OAAO,CAAC,CAAC,CACL,SAAS,IAAI,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO,CAAC,CAC1E,CAAC;IACN,CAAC;CAAA;AAED,YAAY"}

package/lib/handler/index.d.ts

@@ -0,0 +1 @@
+export { default as DataHandler } from './data/handler';

package/lib/handler/index.js

@@ -0,0 +1,9 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DataHandler = void 0;
+var handler_1 = require("./data/handler");
+Object.defineProperty(exports, "DataHandler", { enumerable: true, get: function () { return __importDefault(handler_1).default; } });
+//# sourceMappingURL=index.js.map

package/lib/handler/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/handler/index.ts"],"names":[],"mappings":";;;;;;AAAA,0CAAwD;AAA/C,uHAAA,OAAO,OAAe"}

package/lib/handler/types.d.ts

@@ -0,0 +1,28 @@
+import { NextApiRequest, NextApiResponse } from 'next';
+import { ServerErrorCode } from '../types';
+/**
+ * Defines contract for a Next.js API endpoint handler.
+ */
+export interface RequestHandler {
+    /**
+     * Handles a request for a given route path.
+     *
+     * @param req The request
+     * @param res The response
+     * @param path The route path (with /api/zenstack prefix removed)
+     */
+    handle(req: NextApiRequest, res: NextApiResponse, path: string[]): Promise<void>;
+}
+/**
+ * Error thrown during request handling
+ */
+export declare class RequestHandlerError extends Error {
+    readonly code: ServerErrorCode;
+    constructor(code: ServerErrorCode, message?: string);
+    toString(): string;
+}
+/**
+ * All write actions supported by Prisma
+ */
+export declare const PrismaWriteActions: readonly ["create", "createMany", "connectOrCreate", "update", "updateMany", "upsert", "delete", "deleteMany", "connect", "none"];
+export type PrismaWriteActionType = typeof PrismaWriteActions[number];

package/lib/handler/types.js

@@ -0,0 +1,36 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PrismaWriteActions = exports.RequestHandlerError = void 0;
+const types_1 = require("../types");
+/**
+ * Error thrown during request handling
+ */
+class RequestHandlerError extends Error {
+    constructor(code, message) {
+        message = message
+            ? `${(0, types_1.getServerErrorMessage)(code)}: ${message}`
+            : (0, types_1.getServerErrorMessage)(code);
+        super(message);
+        this.code = code;
+    }
+    toString() {
+        return `Request handler error: ${this.code}, ${this.message}`;
+    }
+}
+exports.RequestHandlerError = RequestHandlerError;
+/**
+ * All write actions supported by Prisma
+ */
+exports.PrismaWriteActions = [
+    'create',
+    'createMany',
+    'connectOrCreate',
+    'update',
+    'updateMany',
+    'upsert',
+    'delete',
+    'deleteMany',
+    'connect',
+    'none',
+];
+//# sourceMappingURL=types.js.map

package/lib/handler/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/handler/types.ts"],"names":[],"mappings":";;;AACA,oCAAkE;AAoBlE;;GAEG;AACH,MAAa,mBAAoB,SAAQ,KAAK;IAC1C,YAA4B,IAAqB,EAAE,OAAgB;QAC/D,OAAO,GAAG,OAAO;YACb,CAAC,CAAC,GAAG,IAAA,6BAAqB,EAAC,IAAI,CAAC,KAAK,OAAO,EAAE;YAC9C,CAAC,CAAC,IAAA,6BAAqB,EAAC,IAAI,CAAC,CAAC;QAClC,KAAK,CAAC,OAAO,CAAC,CAAC;QAJS,SAAI,GAAJ,IAAI,CAAiB;IAKjD,CAAC;IAED,QAAQ;QACJ,OAAO,0BAA0B,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,OAAO,EAAE,CAAC;IAClE,CAAC;CACJ;AAXD,kDAWC;AAED;;GAEG;AACU,QAAA,kBAAkB,GAAG;IAC9B,QAAQ;IACR,YAAY;IACZ,iBAAiB;IACjB,QAAQ;IACR,YAAY;IACZ,QAAQ;IACR,QAAQ;IACR,YAAY;IACZ,SAAS;IACT,MAAM;CACA,CAAC"}

package/lib/index.d.ts

@@ -0,0 +1,5 @@
+export * from './types';
+export * from './config';
+export * from './service';
+export * from './request-handler';
+export * from './validation';

package/lib/index.js

@@ -0,0 +1,22 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./types"), exports);
+__exportStar(require("./config"), exports);
+__exportStar(require("./service"), exports);
+__exportStar(require("./request-handler"), exports);
+__exportStar(require("./validation"), exports);
+//# sourceMappingURL=index.js.map

package/lib/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0CAAwB;AACxB,2CAAyB;AACzB,4CAA0B;AAC1B,oDAAkC;AAClC,+CAA6B"}

package/lib/request-handler.d.ts

@@ -0,0 +1,21 @@
+import { NextApiRequest, NextApiResponse } from 'next';
+import { AuthUser, Service } from './types';
+/**
+ * Options for initializing a Next.js API endpoint request handler. This type is re-exported in @zenstackhq/runtime/server.
+ * @see requestHandler
+ */
+export type RequestHandlerOptions = {
+    /**
+     * Hook method for providing current login user from session.
+     */
+    getServerUser: (req: NextApiRequest, res: NextApiResponse) => Promise<AuthUser | undefined>;
+};
+/**
+ * Creates a Next.js API endpoint request handler which encapsulates RESTful APIs generated by ZenStack.
+ * The created handler should be mounted at /api/zenstack endpoint.
+ *
+ * @param service ZenStack service which wraps a Prisma db client inside
+ * @param options Options for initialization
+ * @returns An API endpoint request handler
+ */
+export declare function requestHandler<DbClient>(service: Service<DbClient>, options: RequestHandlerOptions): (req: NextApiRequest, res: NextApiResponse) => Promise<void>;